--- El mar, 30/9/08, Alan DeKok <[EMAIL PROTECTED]> escribió: De: Alan DeKok <[EMAIL PROTECTED]> Asunto: Re: freeradius compiled version (lastest) against active directory authentication Para: [EMAIL PROTECTED], "FreeRadius users mailing list" <freeradius-users@lists.freeradius.org> Fecha: martes, 30 septiembre, 2008 3:07
luis a wrote: > I have everything seemingly well-configured to authenticate against > Active Directory > but I lack the parameters under which I use the default > ntlm_auth module What does that mean? Have you tried my web site (deployingradius.com) ? It has a "howto" for configuring authentication against Active Directory. i all ready read it and he does not work check it out the output ------------------------------------ Listening on authentication address * port 1812 Listening on accounting address * port 1813 Listening on proxy address * port 1814 Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 49964, id=37, length=72 User-Name = "luis" User-Password = "x" NAS-IP-Address = xx.xx.xx.x NAS-Port = 0 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "luis", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated [files] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [files] expand: %{Stripped-User-Name:-%{User-Name}} -> luis that warning apered after i added the line to the user config file DEFAULT Auth-Type = Local, Password == "stealme" .. WARNING: Found User-Password == "...". WARNING: Are you sure you don't mean Cleartext-Password? WARNING: See "man rlm_pap" for more information. ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "x" [pap] Using CRYPT encryption. [pap] Passwords don't match ++[pap] returns reject Failed to authenticate the user. ------------------- and also when i remplace DEFAULT Auth-Type = System i get this message . rad_recv: Access-Request packet from host 127.0.0.1 port 50255, id=25, length=72 User-Name = "luis" User-Password = "x" NAS-IP-Address = xx.xx.xx.xx NAS-Port = 0 +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "luis", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns updated [files] WARNING: Deprecated conditional expansion ":-". See "man unlang" for details [files] expand: %{Stripped-User-Name:-%{User-Name}} -> luis [files] users: Matched entry DEFAULT at line 205 ++[files] returns ok ++[expiration] returns noop ++[logintime] returns noop [pap] Found existing Auth-Type, not changing it. ++[pap] returns noop Found Auth-Type = System +- entering group authenticate {...} [unix] invalid password "luis" ++[unix] returns reject Failed to authenticate the user. Using Post-Auth-Type Reject +- entering group REJECT {...} [attr_filter.access_reject] expand: %{User-Name} -> luis attr_filter: Matched entry DEFAULT at line 11 ++[attr_filter.access_reject] returns updated Delaying reject of request 0 for 1 seconds Going to the next request Waking up in 0.9 seconds. Sending delayed reject for request 0 Sending Access-Reject of id 25 to 127.0.0.1 port 50255 Waking up in 4.9 seconds. Cleaning up request 0 ID 25 with timestamp +4 Ready to process requests. Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html